Re: [squid-users] Transparent Proxy from Chad Whitten on 2003-03-12 (squid-users)

From: Chad Whitten <cwhitten@dont-contact.us>
Date: Wed, 12 Mar 2003 13:44:00 -0600

your cisco ios has to support wccp and then you need to compile your squid
server with the --enable-linux-netfilter. once thats done, you need to
compile the ip_wccp.c kernel module (do a google for it) with the command
---------------- this is all one line by the way -----------------------------
gcc -D __KERNEL__ -I/usr/src/linux/include -Wall -Wstrict-prototypes -O2
-fomit-frame-pointer -fno-strict-aliasing -pipe -fno-strength-reduce -m386
-DCPU=386 -DMODULE -DMODVERSIONS -include
/usr/src/linux/include/linux/modversions.h -c ip_wccp.c
---------------------------------------------------------------------------------

then load up the module in the kernel - modprobe ip_wccp
configure some iptables rules for redirection - can be found at
http://www.nexband.com/LDP/HOWTO/mini/TransparentProxy.html

then on the router add the wccp commands
in the global config
ip wccp version 1
ip wccp web-cache
and on your outward facing interface
ip wccp web-cache redirect out

there are some special things you have to set in squid.conf that are specified
in the howto above, but one that isnt is the wccp router option
here is a snip from mine (routers ip is 172.16.0.1)
# TAG: wccp_router
# Squid. Setting the 'wccp_router' to 0.0.0.0 (the default)
wccp_router 172.16.0.1
# TAG: wccp_version
wccp_version 4

note if you router ios doesnt support wccp, you can do some stuff with route
maps - search the squid-cache faqs for interception caching on how to do it.

On Wednesday 12 March 2003 13:29, Devon Harding - GTHLA wrote:
> How do I get the "Automatically detect settings" checkbox in Internet
> Explorer to work with squid without manually entering proxy settings for
> users? Or how do I get transparent proxy to work without using squid as a
> default gateway? I'm using a Cisco 1600 for the default gateway.
>
> _____________________
> Devon Harding
> System Administrator
> Gilat Latin America
> 954-858-1600
> dharding@gilatla.com <mailto:dharding@gilathla.com>
>
> This e-mail is intended for the above named addressee(s), and may contain
> information which is confidential or privileged. If you are not the
> intended recipient, please inform us immediately: you should not copy or
> use this e-mail for any purpose nor disclose its contents to any person.

-- 
Chad Whitten
Network/Systems Administrator
neXband Communications
cwhitten@nexband.com
601-944-4801

Received on Wed Mar 12 2003 - 12:43:51 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:14:02 MST